npm - @oxyhq/services - Versions diffs - 5.9.3 → 5.9.5 - Mend

@oxyhq/services 5.9.3 → 5.9.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/lib/commonjs/core/OxyServices.js +181 -0
package/lib/commonjs/core/OxyServices.js.map +1 -1
package/lib/module/core/OxyServices.js +181 -0
package/lib/module/core/OxyServices.js.map +1 -1
package/lib/typescript/core/OxyServices.d.ts +39 -0
package/lib/typescript/core/OxyServices.d.ts.map +1 -1
package/package.json +1 -1
package/src/core/OxyServices.ts +218 -1

package/lib/commonjs/core/OxyServices.js CHANGED Viewed

@@ -154,6 +154,187 @@ class OxyServices {
       throw this.handleError(error);
     }
   }
+  /**
+   * Simple Express.js authentication middleware
+   *
+   * Built-in authentication middleware that validates JWT tokens and adds user data to requests.
+   *
+   * @example
+   * ```typescript
+   * // Basic usage - just add it to your routes
+   * app.use('/api/protected', oxyServices.auth());
+   *
+   * // With debug logging
+   * app.use('/api/protected', oxyServices.auth({ debug: true }));
+   *
+   * // With custom error handling
+   * app.use('/api/protected', oxyServices.auth({
+   *   onError: (error) => console.error('Auth failed:', error)
+   * }));
+   *
+   * // Load full user data
+   * app.use('/api/protected', oxyServices.auth({ loadUser: true }));
+   * ```
+   *
+   * @param options Optional configuration
+   * @param options.debug Enable debug logging (default: false)
+   * @param options.onError Custom error handler
+   * @param options.loadUser Load full user data (default: false for performance)
+   * @param options.session Use session-based validation (default: false)
+   * @returns Express middleware function
+   */
+  auth(options = {}) {
+    const {
+      debug = false,
+      onError,
+      loadUser = false,
+      session = false
+    } = options;
+    return (req, res, next) => {
+      try {
+        // Extract token from Authorization header
+        const authHeader = req.headers['authorization'];
+        const token = authHeader?.startsWith('Bearer ') ? authHeader.substring(7) : null;
+        if (debug) {
+          console.log(`🔐 Auth: Processing ${req.method} ${req.path}`);
+          console.log(`🔐 Auth: Token present: ${!!token}`);
+        }
+        if (!token) {
+          const error = {
+            message: 'Access token required',
+            code: 'MISSING_TOKEN',
+            status: 401
+          };
+          if (debug) console.log(`❌ Auth: Missing token`);
+          if (onError) return onError(error);
+          return res.status(401).json(error);
+        }
+        // Decode and validate token
+        let decoded;
+        try {
+          decoded = (0, _jwtDecode.jwtDecode)(token);
+          if (debug) {
+            console.log(`🔐 Auth: Token decoded, User ID: ${decoded.userId || decoded.id}`);
+          }
+        } catch (decodeError) {
+          const error = {
+            message: 'Invalid token format',
+            code: 'INVALID_TOKEN_FORMAT',
+            status: 403
+          };
+          if (debug) console.log(`❌ Auth: Token decode failed`);
+          if (onError) return onError(error);
+          return res.status(403).json(error);
+        }
+        const userId = decoded.userId || decoded.id;
+        if (!userId) {
+          const error = {
+            message: 'Token missing user ID',
+            code: 'INVALID_TOKEN_PAYLOAD',
+            status: 403
+          };
+          if (debug) console.log(`❌ Auth: Token missing user ID`);
+          if (onError) return onError(error);
+          return res.status(403).json(error);
+        }
+        // Check token expiration
+        if (decoded.exp && decoded.exp < Math.floor(Date.now() / 1000)) {
+          const error = {
+            message: 'Token expired',
+            code: 'TOKEN_EXPIRED',
+            status: 403
+          };
+          if (debug) console.log(`❌ Auth: Token expired`);
+          if (onError) return onError(error);
+          return res.status(403).json(error);
+        }
+        // Session-based validation if requested
+        if (session && decoded.sessionId) {
+          if (debug) console.log(`🔐 Auth: Validating session ${decoded.sessionId}`);
+          this.client.get(`/session/validate/${decoded.sessionId}`).then(sessionRes => {
+            const sessionData = sessionRes.data;
+            if (!sessionData.valid) {
+              const error = {
+                message: 'Invalid session',
+                code: 'INVALID_SESSION',
+                status: 403
+              };
+              if (debug) console.log(`❌ Auth: Session validation failed`);
+              if (onError) return onError(error);
+              return res.status(403).json(error);
+            }
+            if (debug) console.log(`✅ Auth: Session validation successful`);
+            // Continue with user data loading
+            this.loadUserDataAndContinue(req, res, next, userId, loadUser, debug, onError);
+          }).catch(sessionError => {
+            const error = {
+              message: 'Session validation failed',
+              code: 'SESSION_VALIDATION_ERROR',
+              status: 403
+            };
+            if (debug) console.log(`❌ Auth: Session validation error`);
+            if (onError) return onError(error);
+            return res.status(403).json(error);
+          });
+          return; // Exit early, will continue in promise chain
+        }
+        // No session validation needed, continue directly
+        this.loadUserDataAndContinue(req, res, next, userId, loadUser, debug, onError);
+      } catch (error) {
+        const apiError = this.handleError(error);
+        if (debug) {
+          console.log(`❌ Auth: Unexpected error:`, apiError);
+        }
+        if (onError) return onError(apiError);
+        return res.status(apiError.status || 500).json(apiError);
+      }
+    };
+  }
+  /**
+   * Helper method to load user data and continue middleware chain
+   */
+  loadUserDataAndContinue(req, res, next, userId, loadUser, debug, onError) {
+    // Set request properties
+    req.userId = userId;
+    req.accessToken = req.headers['authorization']?.substring(7) || null;
+    // Load user data if requested
+    if (loadUser) {
+      this.client.get(`/users/${userId}`).then(userRes => {
+        req.user = userRes.data;
+        if (debug) {
+          console.log(`✅ Auth: Authentication successful for user ${userId}`);
+        }
+        next();
+      }).catch(userError => {
+        // If user loading fails, just use minimal user data
+        req.user = {
+          id: userId
+        };
+        if (debug) {
+          console.log(`⚠️ Auth: Failed to load user data, using minimal data`);
+          console.log(`✅ Auth: Authentication successful for user ${userId}`);
+        }
+        next();
+      });
+    } else {
+      // Use minimal user data for performance
+      req.user = {
+        id: userId
+      };
+      if (debug) {
+        console.log(`✅ Auth: Authentication successful for user ${userId}`);
+      }
+      next();
+    }
+  }
 }
 exports.OxyServices = OxyServices;
 //# sourceMappingURL=OxyServices.js.map

package/lib/commonjs/core/OxyServices.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"names":["_axios","_interopRequireDefault","require","_jwtDecode","_errorUtils","e","__esModule","default","OxyServices","accessToken","refreshToken","constructor","config","client","axios","create","baseURL","timeout","setupInterceptors","interceptors","request","use","req","decoded","jwtDecode","currentTime","Math","floor","Date","now","exp","sessionId","res","get","data","refreshError","clearTokens","headers","Authorization","error","getBaseURL","defaults","setTokens","getCurrentUserId","userId","id","hasAccessToken","validate","valid","getClient","handleError","handleHttpError","healthCheck","exports"],"sourceRoot":"../../../src","sources":["core/OxyServices.ts"],"mappings":";;;;;;AAAA,IAAAA,MAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,UAAA,GAAAD,OAAA;AAEA,IAAAE,WAAA,GAAAF,OAAA;AAAsD,SAAAD,uBAAAI,CAAA,WAAAA,CAAA,IAAAA,CAAA,CAAAC,UAAA,GAAAD,CAAA,KAAAE,OAAA,EAAAF,CAAA;AAQtD;AACA;AACA;AACA;AACA;AACA;AACO,MAAMG,WAAW,CAAC;EAEfC,WAAW,GAAkB,IAAI;EACjCC,YAAY,GAAkB,IAAI;;EAE1C;AACF;AACA;AACA;EACEC,WAAWA,CAACC,MAAiB,EAAE;IAC7B,IAAI,CAACC,MAAM,GAAGC,cAAK,CAACC,MAAM,CAAC;MACzBC,OAAO,EAAEJ,MAAM,CAACI,OAAO;MACvBC,OAAO,EAAE,KAAK,CAAC;IACjB,CAAC,CAAC;IAEF,IAAI,CAACC,iBAAiB,CAAC,CAAC;EAC1B;;EAEA;AACF;AACA;EACUA,iBAAiBA,CAAA,EAAS;IAChC;IACA,IAAI,CAACL,MAAM,CAACM,YAAY,CAACC,OAAO,CAACC,GAAG,CAAC,MAAOC,GAA+B,IAAK;MAC9E,IAAI,CAAC,IAAI,CAACb,WAAW,EAAE;QACrB,OAAOa,GAAG;MACZ;;MAEA;MACA,IAAI;QACF,MAAMC,OAAO,GAAG,IAAAC,oBAAS,EAAa,IAAI,CAACf,WAAW,CAAC;QACvD,MAAMgB,WAAW,GAAGC,IAAI,CAACC,KAAK,CAACC,IAAI,CAACC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC;;QAEjD;QACA,IAAIN,OAAO,CAACO,GAAG,GAAGL,WAAW,GAAG,EAAE,EAAE;UAClC;UACA,IAAIF,OAAO,CAACQ,SAAS,EAAE;YACrB,IAAI;cACF,MAAMC,GAAG,GAAG,MAAM,IAAI,CAACnB,MAAM,CAACoB,GAAG,CAAC,kBAAkBV,OAAO,CAACQ,SAAS,EAAE,CAAC;cACxE,IAAI,CAACtB,WAAW,GAAGuB,GAAG,CAACE,IAAI,CAACzB,WAAW;YACzC,CAAC,CAAC,OAAO0B,YAAY,EAAE;cACrB;cACA,IAAI,CAACC,WAAW,CAAC,CAAC;YACpB;UACF;QACF;;QAEA;QACAd,GAAG,CAACe,OAAO,CAACC,aAAa,GAAG,UAAU,IAAI,CAAC7B,WAAW,EAAE;MAC1D,CAAC,CAAC,OAAO8B,KAAK,EAAE;QACd;QACA,IAAI,CAACH,WAAW,CAAC,CAAC;MACpB;MAEA,OAAOd,GAAG;IACZ,CAAC,CAAC;EACJ;;EAEA;AACF;AACA;EACSkB,UAAUA,CAAA,EAAW;IAC1B,OAAO,IAAI,CAAC3B,MAAM,CAAC4B,QAAQ,CAACzB,OAAO,IAAI,EAAE;EAC3C;;EAEA;AACF;AACA;EACS0B,SAASA,CAACjC,WAAmB,EAAEC,YAAoB,GAAG,EAAE,EAAQ;IACrE,IAAI,CAACD,WAAW,GAAGA,WAAW;IAC9B,IAAI,CAACC,YAAY,GAAGA,YAAY;EAClC;;EAEA;AACF;AACA;EACS0B,WAAWA,CAAA,EAAS;IACzB,IAAI,CAAC3B,WAAW,GAAG,IAAI;IACvB,IAAI,CAACC,YAAY,GAAG,IAAI;EAC1B;;EAEA;AACF;AACA;EACSiC,gBAAgBA,CAAA,EAAkB;IACvC,IAAI,CAAC,IAAI,CAAClC,WAAW,EAAE;MACrB,OAAO,IAAI;IACb;IAEA,IAAI;MACF,MAAMc,OAAO,GAAG,IAAAC,oBAAS,EAAa,IAAI,CAACf,WAAW,CAAC;MACvD,OAAOc,OAAO,CAACqB,MAAM,IAAIrB,OAAO,CAACsB,EAAE,IAAI,IAAI;IAC7C,CAAC,CAAC,OAAON,KAAK,EAAE;MACd,OAAO,IAAI;IACb;EACF;;EAEA;AACF;AACA;EACUO,cAAcA,CAAA,EAAY;IAChC,OAAO,CAAC,CAAC,IAAI,CAACrC,WAAW;EAC3B;;EAEA;AACF;AACA;EACE,MAAMsC,QAAQA,CAAA,EAAqB;IACjC,IAAI,CAAC,IAAI,CAACD,cAAc,CAAC,CAAC,EAAE;MAC1B,OAAO,KAAK;IACd;IAEA,IAAI;MACF,MAAMd,GAAG,GAAG,MAAM,IAAI,CAACnB,MAAM,CAACoB,GAAG,CAAC,gBAAgB,CAAC;MACnD,OAAOD,GAAG,CAACE,IAAI,CAACc,KAAK,KAAK,IAAI;IAChC,CAAC,CAAC,OAAOT,KAAK,EAAE;MACd,OAAO,KAAK;IACd;EACF;;EAEA;AACF;AACA;EACYU,SAASA,CAAA,EAAkB;IACnC,OAAO,IAAI,CAACpC,MAAM;EACpB;;EAEA;AACF;AACA;EACYqC,WAAWA,CAACX,KAAU,EAAY;IAC1C,OAAO,IAAAY,2BAAe,EAACZ,KAAK,CAAC;EAC/B;;EAEA;AACF;AACA;EACE,MAAMa,WAAWA,CAAA,EAKd;IACD,IAAI;MACF,MAAMpB,GAAG,GAAG,MAAM,IAAI,CAACnB,MAAM,CAACoB,GAAG,CAAC,SAAS,CAAC;MAC5C,OAAOD,GAAG,CAACE,IAAI;IACjB,CAAC,CAAC,OAAOK,KAAK,EAAE;MACd,MAAM,IAAI,CAACW,WAAW,CAACX,KAAK,CAAC;IAC/B;EACF;AACF;~~AAACc~~,OAAA,~~CAAA7C~~,WAAA,GAAAA,WAAA","ignoreList":[]}
1	+ {"version":3,"names":["_axios","_interopRequireDefault","require","_jwtDecode","_errorUtils","e","__esModule","default","OxyServices","accessToken","refreshToken","constructor","config","client","axios","create","baseURL","timeout","setupInterceptors","interceptors","request","use","req","decoded","jwtDecode","currentTime","Math","floor","Date","now","exp","sessionId","res","get","data","refreshError","clearTokens","headers","Authorization","error","getBaseURL","defaults","setTokens","getCurrentUserId","userId","id","hasAccessToken","validate","valid","getClient","handleError","handleHttpError","healthCheck","auth","options","debug","onError","loadUser","session","next","authHeader","token","startsWith","substring","console","log","method","path","message","code","status","json","decodeError","then","sessionRes","sessionData","loadUserDataAndContinue","catch","sessionError","apiError","userRes","user","userError","exports"],"sourceRoot":"../../../src","sources":["core/OxyServices.ts"],"mappings":";;;;;;AAAA,IAAAA,MAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,UAAA,GAAAD,OAAA;AAEA,IAAAE,WAAA,GAAAF,OAAA;AAAsD,SAAAD,uBAAAI,CAAA,WAAAA,CAAA,IAAAA,CAAA,CAAAC,UAAA,GAAAD,CAAA,KAAAE,OAAA,EAAAF,CAAA;AAQtD;AACA;AACA;AACA;AACA;AACA;AACO,MAAMG,WAAW,CAAC;EAEfC,WAAW,GAAkB,IAAI;EACjCC,YAAY,GAAkB,IAAI;;EAE1C;AACF;AACA;AACA;EACEC,WAAWA,CAACC,MAAiB,EAAE;IAC7B,IAAI,CAACC,MAAM,GAAGC,cAAK,CAACC,MAAM,CAAC;MACzBC,OAAO,EAAEJ,MAAM,CAACI,OAAO;MACvBC,OAAO,EAAE,KAAK,CAAC;IACjB,CAAC,CAAC;IAEF,IAAI,CAACC,iBAAiB,CAAC,CAAC;EAC1B;;EAEA;AACF;AACA;EACUA,iBAAiBA,CAAA,EAAS;IAChC;IACA,IAAI,CAACL,MAAM,CAACM,YAAY,CAACC,OAAO,CAACC,GAAG,CAAC,MAAOC,GAA+B,IAAK;MAC9E,IAAI,CAAC,IAAI,CAACb,WAAW,EAAE;QACrB,OAAOa,GAAG;MACZ;;MAEA;MACA,IAAI;QACF,MAAMC,OAAO,GAAG,IAAAC,oBAAS,EAAa,IAAI,CAACf,WAAW,CAAC;QACvD,MAAMgB,WAAW,GAAGC,IAAI,CAACC,KAAK,CAACC,IAAI,CAACC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC;;QAEjD;QACA,IAAIN,OAAO,CAACO,GAAG,GAAGL,WAAW,GAAG,EAAE,EAAE;UAClC;UACA,IAAIF,OAAO,CAACQ,SAAS,EAAE;YACrB,IAAI;cACF,MAAMC,GAAG,GAAG,MAAM,IAAI,CAACnB,MAAM,CAACoB,GAAG,CAAC,kBAAkBV,OAAO,CAACQ,SAAS,EAAE,CAAC;cACxE,IAAI,CAACtB,WAAW,GAAGuB,GAAG,CAACE,IAAI,CAACzB,WAAW;YACzC,CAAC,CAAC,OAAO0B,YAAY,EAAE;cACrB;cACA,IAAI,CAACC,WAAW,CAAC,CAAC;YACpB;UACF;QACF;;QAEA;QACAd,GAAG,CAACe,OAAO,CAACC,aAAa,GAAG,UAAU,IAAI,CAAC7B,WAAW,EAAE;MAC1D,CAAC,CAAC,OAAO8B,KAAK,EAAE;QACd;QACA,IAAI,CAACH,WAAW,CAAC,CAAC;MACpB;MAEA,OAAOd,GAAG;IACZ,CAAC,CAAC;EACJ;;EAEA;AACF;AACA;EACSkB,UAAUA,CAAA,EAAW;IAC1B,OAAO,IAAI,CAAC3B,MAAM,CAAC4B,QAAQ,CAACzB,OAAO,IAAI,EAAE;EAC3C;;EAEA;AACF;AACA;EACS0B,SAASA,CAACjC,WAAmB,EAAEC,YAAoB,GAAG,EAAE,EAAQ;IACrE,IAAI,CAACD,WAAW,GAAGA,WAAW;IAC9B,IAAI,CAACC,YAAY,GAAGA,YAAY;EAClC;;EAEA;AACF;AACA;EACS0B,WAAWA,CAAA,EAAS;IACzB,IAAI,CAAC3B,WAAW,GAAG,IAAI;IACvB,IAAI,CAACC,YAAY,GAAG,IAAI;EAC1B;;EAEA;AACF;AACA;EACSiC,gBAAgBA,CAAA,EAAkB;IACvC,IAAI,CAAC,IAAI,CAAClC,WAAW,EAAE;MACrB,OAAO,IAAI;IACb;IAEA,IAAI;MACF,MAAMc,OAAO,GAAG,IAAAC,oBAAS,EAAa,IAAI,CAACf,WAAW,CAAC;MACvD,OAAOc,OAAO,CAACqB,MAAM,IAAIrB,OAAO,CAACsB,EAAE,IAAI,IAAI;IAC7C,CAAC,CAAC,OAAON,KAAK,EAAE;MACd,OAAO,IAAI;IACb;EACF;;EAEA;AACF;AACA;EACUO,cAAcA,CAAA,EAAY;IAChC,OAAO,CAAC,CAAC,IAAI,CAACrC,WAAW;EAC3B;;EAEA;AACF;AACA;EACE,MAAMsC,QAAQA,CAAA,EAAqB;IACjC,IAAI,CAAC,IAAI,CAACD,cAAc,CAAC,CAAC,EAAE;MAC1B,OAAO,KAAK;IACd;IAEA,IAAI;MACF,MAAMd,GAAG,GAAG,MAAM,IAAI,CAACnB,MAAM,CAACoB,GAAG,CAAC,gBAAgB,CAAC;MACnD,OAAOD,GAAG,CAACE,IAAI,CAACc,KAAK,KAAK,IAAI;IAChC,CAAC,CAAC,OAAOT,KAAK,EAAE;MACd,OAAO,KAAK;IACd;EACF;;EAEA;AACF;AACA;EACYU,SAASA,CAAA,EAAkB;IACnC,OAAO,IAAI,CAACpC,MAAM;EACpB;;EAEA;AACF;AACA;EACYqC,WAAWA,CAACX,KAAU,EAAY;IAC1C,OAAO,IAAAY,2BAAe,EAACZ,KAAK,CAAC;EAC/B;;EAEA;AACF;AACA;EACE,MAAMa,WAAWA,CAAA,EAKd;IACD,IAAI;MACF,MAAMpB,GAAG,GAAG,MAAM,IAAI,CAACnB,MAAM,CAACoB,GAAG,CAAC,SAAS,CAAC;MAC5C,OAAOD,GAAG,CAACE,IAAI;IACjB,CAAC,CAAC,OAAOK,KAAK,EAAE;MACd,MAAM,IAAI,CAACW,WAAW,CAACX,KAAK,CAAC;IAC/B;EACF;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEc,IAAIA,CAACC,OAKJ,GAAG,CAAC,CAAC,EAAE;IACN,MAAM;MAAEC,KAAK,GAAG,KAAK;MAAEC,OAAO;MAAEC,QAAQ,GAAG,KAAK;MAAEC,OAAO,GAAG;IAAM,CAAC,GAAGJ,OAAO;IAE7E,OAAO,CAAChC,GAAQ,EAAEU,GAAQ,EAAE2B,IAAS,KAAK;MACxC,IAAI;QACF;QACA,MAAMC,UAAU,GAAGtC,GAAG,CAACe,OAAO,CAAC,eAAe,CAAC;QAC/C,MAAMwB,KAAK,GAAGD,UAAU,EAAEE,UAAU,CAAC,SAAS,CAAC,GAAGF,UAAU,CAACG,SAAS,CAAC,CAAC,CAAC,GAAG,IAAI;QAEhF,IAAIR,KAAK,EAAE;UACTS,OAAO,CAACC,GAAG,CAAC,uBAAuB3C,GAAG,CAAC4C,MAAM,IAAI5C,GAAG,CAAC6C,IAAI,EAAE,CAAC;UAC5DH,OAAO,CAACC,GAAG,CAAC,2BAA2B,CAAC,CAACJ,KAAK,EAAE,CAAC;QACnD;QAEA,IAAI,CAACA,KAAK,EAAE;UACV,MAAMtB,KAAK,GAAG;YACZ6B,OAAO,EAAE,uBAAuB;YAChCC,IAAI,EAAE,eAAe;YACrBC,MAAM,EAAE;UACV,CAAC;UAED,IAAIf,KAAK,EAAES,OAAO,CAACC,GAAG,CAAC,uBAAuB,CAAC;UAE/C,IAAIT,OAAO,EAAE,OAAOA,OAAO,CAACjB,KAAK,CAAC;UAClC,OAAOP,GAAG,CAACsC,MAAM,CAAC,GAAG,CAAC,CAACC,IAAI,CAAChC,KAAK,CAAC;QACpC;;QAEA;QACA,IAAIhB,OAAmB;QACvB,IAAI;UACFA,OAAO,GAAG,IAAAC,oBAAS,EAAaqC,KAAK,CAAC;UAEtC,IAAIN,KAAK,EAAE;YACTS,OAAO,CAACC,GAAG,CAAC,oCAAoC1C,OAAO,CAACqB,MAAM,IAAIrB,OAAO,CAACsB,EAAE,EAAE,CAAC;UACjF;QACF,CAAC,CAAC,OAAO2B,WAAW,EAAE;UACpB,MAAMjC,KAAK,GAAG;YACZ6B,OAAO,EAAE,sBAAsB;YAC/BC,IAAI,EAAE,sBAAsB;YAC5BC,MAAM,EAAE;UACV,CAAC;UAED,IAAIf,KAAK,EAAES,OAAO,CAACC,GAAG,CAAC,6BAA6B,CAAC;UAErD,IAAIT,OAAO,EAAE,OAAOA,OAAO,CAACjB,KAAK,CAAC;UAClC,OAAOP,GAAG,CAACsC,MAAM,CAAC,GAAG,CAAC,CAACC,IAAI,CAAChC,KAAK,CAAC;QACpC;QAEA,MAAMK,MAAM,GAAGrB,OAAO,CAACqB,MAAM,IAAIrB,OAAO,CAACsB,EAAE;QAC3C,IAAI,CAACD,MAAM,EAAE;UACX,MAAML,KAAK,GAAG;YACZ6B,OAAO,EAAE,uBAAuB;YAChCC,IAAI,EAAE,uBAAuB;YAC7BC,MAAM,EAAE;UACV,CAAC;UAED,IAAIf,KAAK,EAAES,OAAO,CAACC,GAAG,CAAC,+BAA+B,CAAC;UAEvD,IAAIT,OAAO,EAAE,OAAOA,OAAO,CAACjB,KAAK,CAAC;UAClC,OAAOP,GAAG,CAACsC,MAAM,CAAC,GAAG,CAAC,CAACC,IAAI,CAAChC,KAAK,CAAC;QACpC;;QAEA;QACA,IAAIhB,OAAO,CAACO,GAAG,IAAIP,OAAO,CAACO,GAAG,GAAGJ,IAAI,CAACC,KAAK,CAACC,IAAI,CAACC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,EAAE;UAC9D,MAAMU,KAAK,GAAG;YACZ6B,OAAO,EAAE,eAAe;YACxBC,IAAI,EAAE,eAAe;YACrBC,MAAM,EAAE;UACV,CAAC;UAED,IAAIf,KAAK,EAAES,OAAO,CAACC,GAAG,CAAC,uBAAuB,CAAC;UAE/C,IAAIT,OAAO,EAAE,OAAOA,OAAO,CAACjB,KAAK,CAAC;UAClC,OAAOP,GAAG,CAACsC,MAAM,CAAC,GAAG,CAAC,CAACC,IAAI,CAAChC,KAAK,CAAC;QACpC;;QAEA;QACA,IAAImB,OAAO,IAAInC,OAAO,CAACQ,SAAS,EAAE;UAChC,IAAIwB,KAAK,EAAES,OAAO,CAACC,GAAG,CAAC,+BAA+B1C,OAAO,CAACQ,SAAS,EAAE,CAAC;UAE1E,IAAI,CAAClB,MAAM,CAACoB,GAAG,CAAC,qBAAqBV,OAAO,CAACQ,SAAS,EAAE,CAAC,CACtD0C,IAAI,CAACC,UAAU,IAAI;YAClB,MAAMC,WAAW,GAAGD,UAAU,CAACxC,IAAI;YAEnC,IAAI,CAACyC,WAAW,CAAC3B,KAAK,EAAE;cACtB,MAAMT,KAAK,GAAG;gBACZ6B,OAAO,EAAE,iBAAiB;gBAC1BC,IAAI,EAAE,iBAAiB;gBACvBC,MAAM,EAAE;cACV,CAAC;cAED,IAAIf,KAAK,EAAES,OAAO,CAACC,GAAG,CAAC,mCAAmC,CAAC;cAE3D,IAAIT,OAAO,EAAE,OAAOA,OAAO,CAACjB,KAAK,CAAC;cAClC,OAAOP,GAAG,CAACsC,MAAM,CAAC,GAAG,CAAC,CAACC,IAAI,CAAChC,KAAK,CAAC;YACpC;YAEA,IAAIgB,KAAK,EAAES,OAAO,CAACC,GAAG,CAAC,uCAAuC,CAAC;;YAE/D;YACA,IAAI,CAACW,uBAAuB,CAACtD,GAAG,EAAEU,GAAG,EAAE2B,IAAI,EAAEf,MAAM,EAAEa,QAAQ,EAAEF,KAAK,EAAEC,OAAO,CAAC;UAChF,CAAC,CAAC,CACDqB,KAAK,CAACC,YAAY,IAAI;YACrB,MAAMvC,KAAK,GAAG;cACZ6B,OAAO,EAAE,2BAA2B;cACpCC,IAAI,EAAE,0BAA0B;cAChCC,MAAM,EAAE;YACV,CAAC;YAED,IAAIf,KAAK,EAAES,OAAO,CAACC,GAAG,CAAC,kCAAkC,CAAC;YAE1D,IAAIT,OAAO,EAAE,OAAOA,OAAO,CAACjB,KAAK,CAAC;YAClC,OAAOP,GAAG,CAACsC,MAAM,CAAC,GAAG,CAAC,CAACC,IAAI,CAAChC,KAAK,CAAC;UACpC,CAAC,CAAC;UACJ,OAAO,CAAC;QACV;;QAEA;QACA,IAAI,CAACqC,uBAAuB,CAACtD,GAAG,EAAEU,GAAG,EAAE2B,IAAI,EAAEf,MAAM,EAAEa,QAAQ,EAAEF,KAAK,EAAEC,OAAO,CAAC;MAChF,CAAC,CAAC,OAAOjB,KAAK,EAAE;QACd,MAAMwC,QAAQ,GAAG,IAAI,CAAC7B,WAAW,CAACX,KAAK,CAAC;QAExC,IAAIgB,KAAK,EAAE;UACTS,OAAO,CAACC,GAAG,CAAC,2BAA2B,EAAEc,QAAQ,CAAC;QACpD;QAEA,IAAIvB,OAAO,EAAE,OAAOA,OAAO,CAACuB,QAAQ,CAAC;QACrC,OAAO/C,GAAG,CAACsC,MAAM,CAACS,QAAQ,CAACT,MAAM,IAAI,GAAG,CAAC,CAACC,IAAI,CAACQ,QAAQ,CAAC;MAC1D;IACF,CAAC;EACH;;EAEA;AACF;AACA;EACUH,uBAAuBA,CAC7BtD,GAAQ,EACRU,GAAQ,EACR2B,IAAS,EACTf,MAAc,EACda,QAAiB,EACjBF,KAAc,EACdC,OAAkC,EAC5B;IACN;IACAlC,GAAG,CAACsB,MAAM,GAAGA,MAAM;IACnBtB,GAAG,CAACb,WAAW,GAAGa,GAAG,CAACe,OAAO,CAAC,eAAe,CAAC,EAAE0B,SAAS,CAAC,CAAC,CAAC,IAAI,IAAI;;IAEpE;IACA,IAAIN,QAAQ,EAAE;MACZ,IAAI,CAAC5C,MAAM,CAACoB,GAAG,CAAC,UAAUW,MAAM,EAAE,CAAC,CAChC6B,IAAI,CAACO,OAAO,IAAI;QACf1D,GAAG,CAAC2D,IAAI,GAAGD,OAAO,CAAC9C,IAAI;QAEvB,IAAIqB,KAAK,EAAE;UACTS,OAAO,CAACC,GAAG,CAAC,8CAA8CrB,MAAM,EAAE,CAAC;QACrE;QAEAe,IAAI,CAAC,CAAC;MACR,CAAC,CAAC,CACDkB,KAAK,CAACK,SAAS,IAAI;QAClB;QACA5D,GAAG,CAAC2D,IAAI,GAAG;UAAEpC,EAAE,EAAED;QAAO,CAAS;QAEjC,IAAIW,KAAK,EAAE;UACTS,OAAO,CAACC,GAAG,CAAC,uDAAuD,CAAC;UACpED,OAAO,CAACC,GAAG,CAAC,8CAA8CrB,MAAM,EAAE,CAAC;QACrE;QAEAe,IAAI,CAAC,CAAC;MACR,CAAC,CAAC;IACN,CAAC,MAAM;MACL;MACArC,GAAG,CAAC2D,IAAI,GAAG;QAAEpC,EAAE,EAAED;MAAO,CAAS;MAEjC,IAAIW,KAAK,EAAE;QACTS,OAAO,CAACC,GAAG,CAAC,8CAA8CrB,MAAM,EAAE,CAAC;MACrE;MAEAe,IAAI,CAAC,CAAC;IACR;EACF;AACF;AAACwB,OAAA,CAAA3E,WAAA,GAAAA,WAAA","ignoreList":[]}

package/lib/module/core/OxyServices.js CHANGED Viewed

@@ -149,5 +149,186 @@ export class OxyServices {
       throw this.handleError(error);
     }
   }
+  /**
+   * Simple Express.js authentication middleware
+   *
+   * Built-in authentication middleware that validates JWT tokens and adds user data to requests.
+   *
+   * @example
+   * ```typescript
+   * // Basic usage - just add it to your routes
+   * app.use('/api/protected', oxyServices.auth());
+   *
+   * // With debug logging
+   * app.use('/api/protected', oxyServices.auth({ debug: true }));
+   *
+   * // With custom error handling
+   * app.use('/api/protected', oxyServices.auth({
+   *   onError: (error) => console.error('Auth failed:', error)
+   * }));
+   *
+   * // Load full user data
+   * app.use('/api/protected', oxyServices.auth({ loadUser: true }));
+   * ```
+   *
+   * @param options Optional configuration
+   * @param options.debug Enable debug logging (default: false)
+   * @param options.onError Custom error handler
+   * @param options.loadUser Load full user data (default: false for performance)
+   * @param options.session Use session-based validation (default: false)
+   * @returns Express middleware function
+   */
+  auth(options = {}) {
+    const {
+      debug = false,
+      onError,
+      loadUser = false,
+      session = false
+    } = options;
+    return (req, res, next) => {
+      try {
+        // Extract token from Authorization header
+        const authHeader = req.headers['authorization'];
+        const token = authHeader?.startsWith('Bearer ') ? authHeader.substring(7) : null;
+        if (debug) {
+          console.log(`🔐 Auth: Processing ${req.method} ${req.path}`);
+          console.log(`🔐 Auth: Token present: ${!!token}`);
+        }
+        if (!token) {
+          const error = {
+            message: 'Access token required',
+            code: 'MISSING_TOKEN',
+            status: 401
+          };
+          if (debug) console.log(`❌ Auth: Missing token`);
+          if (onError) return onError(error);
+          return res.status(401).json(error);
+        }
+        // Decode and validate token
+        let decoded;
+        try {
+          decoded = jwtDecode(token);
+          if (debug) {
+            console.log(`🔐 Auth: Token decoded, User ID: ${decoded.userId || decoded.id}`);
+          }
+        } catch (decodeError) {
+          const error = {
+            message: 'Invalid token format',
+            code: 'INVALID_TOKEN_FORMAT',
+            status: 403
+          };
+          if (debug) console.log(`❌ Auth: Token decode failed`);
+          if (onError) return onError(error);
+          return res.status(403).json(error);
+        }
+        const userId = decoded.userId || decoded.id;
+        if (!userId) {
+          const error = {
+            message: 'Token missing user ID',
+            code: 'INVALID_TOKEN_PAYLOAD',
+            status: 403
+          };
+          if (debug) console.log(`❌ Auth: Token missing user ID`);
+          if (onError) return onError(error);
+          return res.status(403).json(error);
+        }
+        // Check token expiration
+        if (decoded.exp && decoded.exp < Math.floor(Date.now() / 1000)) {
+          const error = {
+            message: 'Token expired',
+            code: 'TOKEN_EXPIRED',
+            status: 403
+          };
+          if (debug) console.log(`❌ Auth: Token expired`);
+          if (onError) return onError(error);
+          return res.status(403).json(error);
+        }
+        // Session-based validation if requested
+        if (session && decoded.sessionId) {
+          if (debug) console.log(`🔐 Auth: Validating session ${decoded.sessionId}`);
+          this.client.get(`/session/validate/${decoded.sessionId}`).then(sessionRes => {
+            const sessionData = sessionRes.data;
+            if (!sessionData.valid) {
+              const error = {
+                message: 'Invalid session',
+                code: 'INVALID_SESSION',
+                status: 403
+              };
+              if (debug) console.log(`❌ Auth: Session validation failed`);
+              if (onError) return onError(error);
+              return res.status(403).json(error);
+            }
+            if (debug) console.log(`✅ Auth: Session validation successful`);
+            // Continue with user data loading
+            this.loadUserDataAndContinue(req, res, next, userId, loadUser, debug, onError);
+          }).catch(sessionError => {
+            const error = {
+              message: 'Session validation failed',
+              code: 'SESSION_VALIDATION_ERROR',
+              status: 403
+            };
+            if (debug) console.log(`❌ Auth: Session validation error`);
+            if (onError) return onError(error);
+            return res.status(403).json(error);
+          });
+          return; // Exit early, will continue in promise chain
+        }
+        // No session validation needed, continue directly
+        this.loadUserDataAndContinue(req, res, next, userId, loadUser, debug, onError);
+      } catch (error) {
+        const apiError = this.handleError(error);
+        if (debug) {
+          console.log(`❌ Auth: Unexpected error:`, apiError);
+        }
+        if (onError) return onError(apiError);
+        return res.status(apiError.status || 500).json(apiError);
+      }
+    };
+  }
+  /**
+   * Helper method to load user data and continue middleware chain
+   */
+  loadUserDataAndContinue(req, res, next, userId, loadUser, debug, onError) {
+    // Set request properties
+    req.userId = userId;
+    req.accessToken = req.headers['authorization']?.substring(7) || null;
+    // Load user data if requested
+    if (loadUser) {
+      this.client.get(`/users/${userId}`).then(userRes => {
+        req.user = userRes.data;
+        if (debug) {
+          console.log(`✅ Auth: Authentication successful for user ${userId}`);
+        }
+        next();
+      }).catch(userError => {
+        // If user loading fails, just use minimal user data
+        req.user = {
+          id: userId
+        };
+        if (debug) {
+          console.log(`⚠️ Auth: Failed to load user data, using minimal data`);
+          console.log(`✅ Auth: Authentication successful for user ${userId}`);
+        }
+        next();
+      });
+    } else {
+      // Use minimal user data for performance
+      req.user = {
+        id: userId
+      };
+      if (debug) {
+        console.log(`✅ Auth: Authentication successful for user ${userId}`);
+      }
+      next();
+    }
+  }
 }
 //# sourceMappingURL=OxyServices.js.map

package/lib/module/core/OxyServices.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"names":["axios","jwtDecode","handleHttpError","OxyServices","accessToken","refreshToken","constructor","config","client","create","baseURL","timeout","setupInterceptors","interceptors","request","use","req","decoded","currentTime","Math","floor","Date","now","exp","sessionId","res","get","data","refreshError","clearTokens","headers","Authorization","error","getBaseURL","defaults","setTokens","getCurrentUserId","userId","id","hasAccessToken","validate","valid","getClient","handleError","healthCheck"],"sourceRoot":"../../../src","sources":["core/OxyServices.ts"],"mappings":";;AAAA,OAAOA,KAAK,MAAqD,OAAO;AACxE,SAASC,SAAS,QAAQ,YAAY;AAEtC,SAASC,eAAe,QAAQ,qBAAqB;AAQrD;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,WAAW,CAAC;EAEfC,WAAW,GAAkB,IAAI;EACjCC,YAAY,GAAkB,IAAI;;EAE1C;AACF;AACA;AACA;EACEC,WAAWA,CAACC,MAAiB,EAAE;IAC7B,IAAI,CAACC,MAAM,GAAGR,KAAK,CAACS,MAAM,CAAC;MACzBC,OAAO,EAAEH,MAAM,CAACG,OAAO;MACvBC,OAAO,EAAE,KAAK,CAAC;IACjB,CAAC,CAAC;IAEF,IAAI,CAACC,iBAAiB,CAAC,CAAC;EAC1B;;EAEA;AACF;AACA;EACUA,iBAAiBA,CAAA,EAAS;IAChC;IACA,IAAI,CAACJ,MAAM,CAACK,YAAY,CAACC,OAAO,CAACC,GAAG,CAAC,MAAOC,GAA+B,IAAK;MAC9E,IAAI,CAAC,IAAI,CAACZ,WAAW,EAAE;QACrB,OAAOY,GAAG;MACZ;;MAEA;MACA,IAAI;QACF,MAAMC,OAAO,GAAGhB,SAAS,CAAa,IAAI,CAACG,WAAW,CAAC;QACvD,MAAMc,WAAW,GAAGC,IAAI,CAACC,KAAK,CAACC,IAAI,CAACC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC;;QAEjD;QACA,IAAIL,OAAO,CAACM,GAAG,GAAGL,WAAW,GAAG,EAAE,EAAE;UAClC;UACA,IAAID,OAAO,CAACO,SAAS,EAAE;YACrB,IAAI;cACF,MAAMC,GAAG,GAAG,MAAM,IAAI,CAACjB,MAAM,CAACkB,GAAG,CAAC,kBAAkBT,OAAO,CAACO,SAAS,EAAE,CAAC;cACxE,IAAI,CAACpB,WAAW,GAAGqB,GAAG,CAACE,IAAI,CAACvB,WAAW;YACzC,CAAC,CAAC,OAAOwB,YAAY,EAAE;cACrB;cACA,IAAI,CAACC,WAAW,CAAC,CAAC;YACpB;UACF;QACF;;QAEA;QACAb,GAAG,CAACc,OAAO,CAACC,aAAa,GAAG,UAAU,IAAI,CAAC3B,WAAW,EAAE;MAC1D,CAAC,CAAC,OAAO4B,KAAK,EAAE;QACd;QACA,IAAI,CAACH,WAAW,CAAC,CAAC;MACpB;MAEA,OAAOb,GAAG;IACZ,CAAC,CAAC;EACJ;;EAEA;AACF;AACA;EACSiB,UAAUA,CAAA,EAAW;IAC1B,OAAO,IAAI,CAACzB,MAAM,CAAC0B,QAAQ,CAACxB,OAAO,IAAI,EAAE;EAC3C;;EAEA;AACF;AACA;EACSyB,SAASA,CAAC/B,WAAmB,EAAEC,YAAoB,GAAG,EAAE,EAAQ;IACrE,IAAI,CAACD,WAAW,GAAGA,WAAW;IAC9B,IAAI,CAACC,YAAY,GAAGA,YAAY;EAClC;;EAEA;AACF;AACA;EACSwB,WAAWA,CAAA,EAAS;IACzB,IAAI,CAACzB,WAAW,GAAG,IAAI;IACvB,IAAI,CAACC,YAAY,GAAG,IAAI;EAC1B;;EAEA;AACF;AACA;EACS+B,gBAAgBA,CAAA,EAAkB;IACvC,IAAI,CAAC,IAAI,CAAChC,WAAW,EAAE;MACrB,OAAO,IAAI;IACb;IAEA,IAAI;MACF,MAAMa,OAAO,GAAGhB,SAAS,CAAa,IAAI,CAACG,WAAW,CAAC;MACvD,OAAOa,OAAO,CAACoB,MAAM,IAAIpB,OAAO,CAACqB,EAAE,IAAI,IAAI;IAC7C,CAAC,CAAC,OAAON,KAAK,EAAE;MACd,OAAO,IAAI;IACb;EACF;;EAEA;AACF;AACA;EACUO,cAAcA,CAAA,EAAY;IAChC,OAAO,CAAC,CAAC,IAAI,CAACnC,WAAW;EAC3B;;EAEA;AACF;AACA;EACE,MAAMoC,QAAQA,CAAA,EAAqB;IACjC,IAAI,CAAC,IAAI,CAACD,cAAc,CAAC,CAAC,EAAE;MAC1B,OAAO,KAAK;IACd;IAEA,IAAI;MACF,MAAMd,GAAG,GAAG,MAAM,IAAI,CAACjB,MAAM,CAACkB,GAAG,CAAC,gBAAgB,CAAC;MACnD,OAAOD,GAAG,CAACE,IAAI,CAACc,KAAK,KAAK,IAAI;IAChC,CAAC,CAAC,OAAOT,KAAK,EAAE;MACd,OAAO,KAAK;IACd;EACF;;EAEA;AACF;AACA;EACYU,SAASA,CAAA,EAAkB;IACnC,OAAO,IAAI,CAAClC,MAAM;EACpB;;EAEA;AACF;AACA;EACYmC,WAAWA,CAACX,KAAU,EAAY;IAC1C,OAAO9B,eAAe,CAAC8B,KAAK,CAAC;EAC/B;;EAEA;AACF;AACA;EACE,MAAMY,WAAWA,CAAA,EAKd;IACD,IAAI;MACF,MAAMnB,GAAG,GAAG,MAAM,IAAI,CAACjB,MAAM,CAACkB,GAAG,CAAC,SAAS,CAAC;MAC5C,OAAOD,GAAG,CAACE,IAAI;IACjB,CAAC,CAAC,OAAOK,KAAK,EAAE;MACd,MAAM,IAAI,CAACW,WAAW,CAACX,KAAK,CAAC;IAC/B;EACF;AACF","ignoreList":[]}
1	+ {"version":3,"names":["axios","jwtDecode","handleHttpError","OxyServices","accessToken","refreshToken","constructor","config","client","create","baseURL","timeout","setupInterceptors","interceptors","request","use","req","decoded","currentTime","Math","floor","Date","now","exp","sessionId","res","get","data","refreshError","clearTokens","headers","Authorization","error","getBaseURL","defaults","setTokens","getCurrentUserId","userId","id","hasAccessToken","validate","valid","getClient","handleError","healthCheck","auth","options","debug","onError","loadUser","session","next","authHeader","token","startsWith","substring","console","log","method","path","message","code","status","json","decodeError","then","sessionRes","sessionData","loadUserDataAndContinue","catch","sessionError","apiError","userRes","user","userError"],"sourceRoot":"../../../src","sources":["core/OxyServices.ts"],"mappings":";;AAAA,OAAOA,KAAK,MAAqD,OAAO;AACxE,SAASC,SAAS,QAAQ,YAAY;AAEtC,SAASC,eAAe,QAAQ,qBAAqB;AAQrD;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,MAAMC,WAAW,CAAC;EAEfC,WAAW,GAAkB,IAAI;EACjCC,YAAY,GAAkB,IAAI;;EAE1C;AACF;AACA;AACA;EACEC,WAAWA,CAACC,MAAiB,EAAE;IAC7B,IAAI,CAACC,MAAM,GAAGR,KAAK,CAACS,MAAM,CAAC;MACzBC,OAAO,EAAEH,MAAM,CAACG,OAAO;MACvBC,OAAO,EAAE,KAAK,CAAC;IACjB,CAAC,CAAC;IAEF,IAAI,CAACC,iBAAiB,CAAC,CAAC;EAC1B;;EAEA;AACF;AACA;EACUA,iBAAiBA,CAAA,EAAS;IAChC;IACA,IAAI,CAACJ,MAAM,CAACK,YAAY,CAACC,OAAO,CAACC,GAAG,CAAC,MAAOC,GAA+B,IAAK;MAC9E,IAAI,CAAC,IAAI,CAACZ,WAAW,EAAE;QACrB,OAAOY,GAAG;MACZ;;MAEA;MACA,IAAI;QACF,MAAMC,OAAO,GAAGhB,SAAS,CAAa,IAAI,CAACG,WAAW,CAAC;QACvD,MAAMc,WAAW,GAAGC,IAAI,CAACC,KAAK,CAACC,IAAI,CAACC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC;;QAEjD;QACA,IAAIL,OAAO,CAACM,GAAG,GAAGL,WAAW,GAAG,EAAE,EAAE;UAClC;UACA,IAAID,OAAO,CAACO,SAAS,EAAE;YACrB,IAAI;cACF,MAAMC,GAAG,GAAG,MAAM,IAAI,CAACjB,MAAM,CAACkB,GAAG,CAAC,kBAAkBT,OAAO,CAACO,SAAS,EAAE,CAAC;cACxE,IAAI,CAACpB,WAAW,GAAGqB,GAAG,CAACE,IAAI,CAACvB,WAAW;YACzC,CAAC,CAAC,OAAOwB,YAAY,EAAE;cACrB;cACA,IAAI,CAACC,WAAW,CAAC,CAAC;YACpB;UACF;QACF;;QAEA;QACAb,GAAG,CAACc,OAAO,CAACC,aAAa,GAAG,UAAU,IAAI,CAAC3B,WAAW,EAAE;MAC1D,CAAC,CAAC,OAAO4B,KAAK,EAAE;QACd;QACA,IAAI,CAACH,WAAW,CAAC,CAAC;MACpB;MAEA,OAAOb,GAAG;IACZ,CAAC,CAAC;EACJ;;EAEA;AACF;AACA;EACSiB,UAAUA,CAAA,EAAW;IAC1B,OAAO,IAAI,CAACzB,MAAM,CAAC0B,QAAQ,CAACxB,OAAO,IAAI,EAAE;EAC3C;;EAEA;AACF;AACA;EACSyB,SAASA,CAAC/B,WAAmB,EAAEC,YAAoB,GAAG,EAAE,EAAQ;IACrE,IAAI,CAACD,WAAW,GAAGA,WAAW;IAC9B,IAAI,CAACC,YAAY,GAAGA,YAAY;EAClC;;EAEA;AACF;AACA;EACSwB,WAAWA,CAAA,EAAS;IACzB,IAAI,CAACzB,WAAW,GAAG,IAAI;IACvB,IAAI,CAACC,YAAY,GAAG,IAAI;EAC1B;;EAEA;AACF;AACA;EACS+B,gBAAgBA,CAAA,EAAkB;IACvC,IAAI,CAAC,IAAI,CAAChC,WAAW,EAAE;MACrB,OAAO,IAAI;IACb;IAEA,IAAI;MACF,MAAMa,OAAO,GAAGhB,SAAS,CAAa,IAAI,CAACG,WAAW,CAAC;MACvD,OAAOa,OAAO,CAACoB,MAAM,IAAIpB,OAAO,CAACqB,EAAE,IAAI,IAAI;IAC7C,CAAC,CAAC,OAAON,KAAK,EAAE;MACd,OAAO,IAAI;IACb;EACF;;EAEA;AACF;AACA;EACUO,cAAcA,CAAA,EAAY;IAChC,OAAO,CAAC,CAAC,IAAI,CAACnC,WAAW;EAC3B;;EAEA;AACF;AACA;EACE,MAAMoC,QAAQA,CAAA,EAAqB;IACjC,IAAI,CAAC,IAAI,CAACD,cAAc,CAAC,CAAC,EAAE;MAC1B,OAAO,KAAK;IACd;IAEA,IAAI;MACF,MAAMd,GAAG,GAAG,MAAM,IAAI,CAACjB,MAAM,CAACkB,GAAG,CAAC,gBAAgB,CAAC;MACnD,OAAOD,GAAG,CAACE,IAAI,CAACc,KAAK,KAAK,IAAI;IAChC,CAAC,CAAC,OAAOT,KAAK,EAAE;MACd,OAAO,KAAK;IACd;EACF;;EAEA;AACF;AACA;EACYU,SAASA,CAAA,EAAkB;IACnC,OAAO,IAAI,CAAClC,MAAM;EACpB;;EAEA;AACF;AACA;EACYmC,WAAWA,CAACX,KAAU,EAAY;IAC1C,OAAO9B,eAAe,CAAC8B,KAAK,CAAC;EAC/B;;EAEA;AACF;AACA;EACE,MAAMY,WAAWA,CAAA,EAKd;IACD,IAAI;MACF,MAAMnB,GAAG,GAAG,MAAM,IAAI,CAACjB,MAAM,CAACkB,GAAG,CAAC,SAAS,CAAC;MAC5C,OAAOD,GAAG,CAACE,IAAI;IACjB,CAAC,CAAC,OAAOK,KAAK,EAAE;MACd,MAAM,IAAI,CAACW,WAAW,CAACX,KAAK,CAAC;IAC/B;EACF;;EAEA;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEa,IAAIA,CAACC,OAKJ,GAAG,CAAC,CAAC,EAAE;IACN,MAAM;MAAEC,KAAK,GAAG,KAAK;MAAEC,OAAO;MAAEC,QAAQ,GAAG,KAAK;MAAEC,OAAO,GAAG;IAAM,CAAC,GAAGJ,OAAO;IAE7E,OAAO,CAAC9B,GAAQ,EAAES,GAAQ,EAAE0B,IAAS,KAAK;MACxC,IAAI;QACF;QACA,MAAMC,UAAU,GAAGpC,GAAG,CAACc,OAAO,CAAC,eAAe,CAAC;QAC/C,MAAMuB,KAAK,GAAGD,UAAU,EAAEE,UAAU,CAAC,SAAS,CAAC,GAAGF,UAAU,CAACG,SAAS,CAAC,CAAC,CAAC,GAAG,IAAI;QAEhF,IAAIR,KAAK,EAAE;UACTS,OAAO,CAACC,GAAG,CAAC,uBAAuBzC,GAAG,CAAC0C,MAAM,IAAI1C,GAAG,CAAC2C,IAAI,EAAE,CAAC;UAC5DH,OAAO,CAACC,GAAG,CAAC,2BAA2B,CAAC,CAACJ,KAAK,EAAE,CAAC;QACnD;QAEA,IAAI,CAACA,KAAK,EAAE;UACV,MAAMrB,KAAK,GAAG;YACZ4B,OAAO,EAAE,uBAAuB;YAChCC,IAAI,EAAE,eAAe;YACrBC,MAAM,EAAE;UACV,CAAC;UAED,IAAIf,KAAK,EAAES,OAAO,CAACC,GAAG,CAAC,uBAAuB,CAAC;UAE/C,IAAIT,OAAO,EAAE,OAAOA,OAAO,CAAChB,KAAK,CAAC;UAClC,OAAOP,GAAG,CAACqC,MAAM,CAAC,GAAG,CAAC,CAACC,IAAI,CAAC/B,KAAK,CAAC;QACpC;;QAEA;QACA,IAAIf,OAAmB;QACvB,IAAI;UACFA,OAAO,GAAGhB,SAAS,CAAaoD,KAAK,CAAC;UAEtC,IAAIN,KAAK,EAAE;YACTS,OAAO,CAACC,GAAG,CAAC,oCAAoCxC,OAAO,CAACoB,MAAM,IAAIpB,OAAO,CAACqB,EAAE,EAAE,CAAC;UACjF;QACF,CAAC,CAAC,OAAO0B,WAAW,EAAE;UACpB,MAAMhC,KAAK,GAAG;YACZ4B,OAAO,EAAE,sBAAsB;YAC/BC,IAAI,EAAE,sBAAsB;YAC5BC,MAAM,EAAE;UACV,CAAC;UAED,IAAIf,KAAK,EAAES,OAAO,CAACC,GAAG,CAAC,6BAA6B,CAAC;UAErD,IAAIT,OAAO,EAAE,OAAOA,OAAO,CAAChB,KAAK,CAAC;UAClC,OAAOP,GAAG,CAACqC,MAAM,CAAC,GAAG,CAAC,CAACC,IAAI,CAAC/B,KAAK,CAAC;QACpC;QAEA,MAAMK,MAAM,GAAGpB,OAAO,CAACoB,MAAM,IAAIpB,OAAO,CAACqB,EAAE;QAC3C,IAAI,CAACD,MAAM,EAAE;UACX,MAAML,KAAK,GAAG;YACZ4B,OAAO,EAAE,uBAAuB;YAChCC,IAAI,EAAE,uBAAuB;YAC7BC,MAAM,EAAE;UACV,CAAC;UAED,IAAIf,KAAK,EAAES,OAAO,CAACC,GAAG,CAAC,+BAA+B,CAAC;UAEvD,IAAIT,OAAO,EAAE,OAAOA,OAAO,CAAChB,KAAK,CAAC;UAClC,OAAOP,GAAG,CAACqC,MAAM,CAAC,GAAG,CAAC,CAACC,IAAI,CAAC/B,KAAK,CAAC;QACpC;;QAEA;QACA,IAAIf,OAAO,CAACM,GAAG,IAAIN,OAAO,CAACM,GAAG,GAAGJ,IAAI,CAACC,KAAK,CAACC,IAAI,CAACC,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,EAAE;UAC9D,MAAMU,KAAK,GAAG;YACZ4B,OAAO,EAAE,eAAe;YACxBC,IAAI,EAAE,eAAe;YACrBC,MAAM,EAAE;UACV,CAAC;UAED,IAAIf,KAAK,EAAES,OAAO,CAACC,GAAG,CAAC,uBAAuB,CAAC;UAE/C,IAAIT,OAAO,EAAE,OAAOA,OAAO,CAAChB,KAAK,CAAC;UAClC,OAAOP,GAAG,CAACqC,MAAM,CAAC,GAAG,CAAC,CAACC,IAAI,CAAC/B,KAAK,CAAC;QACpC;;QAEA;QACA,IAAIkB,OAAO,IAAIjC,OAAO,CAACO,SAAS,EAAE;UAChC,IAAIuB,KAAK,EAAES,OAAO,CAACC,GAAG,CAAC,+BAA+BxC,OAAO,CAACO,SAAS,EAAE,CAAC;UAE1E,IAAI,CAAChB,MAAM,CAACkB,GAAG,CAAC,qBAAqBT,OAAO,CAACO,SAAS,EAAE,CAAC,CACtDyC,IAAI,CAACC,UAAU,IAAI;YAClB,MAAMC,WAAW,GAAGD,UAAU,CAACvC,IAAI;YAEnC,IAAI,CAACwC,WAAW,CAAC1B,KAAK,EAAE;cACtB,MAAMT,KAAK,GAAG;gBACZ4B,OAAO,EAAE,iBAAiB;gBAC1BC,IAAI,EAAE,iBAAiB;gBACvBC,MAAM,EAAE;cACV,CAAC;cAED,IAAIf,KAAK,EAAES,OAAO,CAACC,GAAG,CAAC,mCAAmC,CAAC;cAE3D,IAAIT,OAAO,EAAE,OAAOA,OAAO,CAAChB,KAAK,CAAC;cAClC,OAAOP,GAAG,CAACqC,MAAM,CAAC,GAAG,CAAC,CAACC,IAAI,CAAC/B,KAAK,CAAC;YACpC;YAEA,IAAIe,KAAK,EAAES,OAAO,CAACC,GAAG,CAAC,uCAAuC,CAAC;;YAE/D;YACA,IAAI,CAACW,uBAAuB,CAACpD,GAAG,EAAES,GAAG,EAAE0B,IAAI,EAAEd,MAAM,EAAEY,QAAQ,EAAEF,KAAK,EAAEC,OAAO,CAAC;UAChF,CAAC,CAAC,CACDqB,KAAK,CAACC,YAAY,IAAI;YACrB,MAAMtC,KAAK,GAAG;cACZ4B,OAAO,EAAE,2BAA2B;cACpCC,IAAI,EAAE,0BAA0B;cAChCC,MAAM,EAAE;YACV,CAAC;YAED,IAAIf,KAAK,EAAES,OAAO,CAACC,GAAG,CAAC,kCAAkC,CAAC;YAE1D,IAAIT,OAAO,EAAE,OAAOA,OAAO,CAAChB,KAAK,CAAC;YAClC,OAAOP,GAAG,CAACqC,MAAM,CAAC,GAAG,CAAC,CAACC,IAAI,CAAC/B,KAAK,CAAC;UACpC,CAAC,CAAC;UACJ,OAAO,CAAC;QACV;;QAEA;QACA,IAAI,CAACoC,uBAAuB,CAACpD,GAAG,EAAES,GAAG,EAAE0B,IAAI,EAAEd,MAAM,EAAEY,QAAQ,EAAEF,KAAK,EAAEC,OAAO,CAAC;MAChF,CAAC,CAAC,OAAOhB,KAAK,EAAE;QACd,MAAMuC,QAAQ,GAAG,IAAI,CAAC5B,WAAW,CAACX,KAAK,CAAC;QAExC,IAAIe,KAAK,EAAE;UACTS,OAAO,CAACC,GAAG,CAAC,2BAA2B,EAAEc,QAAQ,CAAC;QACpD;QAEA,IAAIvB,OAAO,EAAE,OAAOA,OAAO,CAACuB,QAAQ,CAAC;QACrC,OAAO9C,GAAG,CAACqC,MAAM,CAACS,QAAQ,CAACT,MAAM,IAAI,GAAG,CAAC,CAACC,IAAI,CAACQ,QAAQ,CAAC;MAC1D;IACF,CAAC;EACH;;EAEA;AACF;AACA;EACUH,uBAAuBA,CAC7BpD,GAAQ,EACRS,GAAQ,EACR0B,IAAS,EACTd,MAAc,EACdY,QAAiB,EACjBF,KAAc,EACdC,OAAkC,EAC5B;IACN;IACAhC,GAAG,CAACqB,MAAM,GAAGA,MAAM;IACnBrB,GAAG,CAACZ,WAAW,GAAGY,GAAG,CAACc,OAAO,CAAC,eAAe,CAAC,EAAEyB,SAAS,CAAC,CAAC,CAAC,IAAI,IAAI;;IAEpE;IACA,IAAIN,QAAQ,EAAE;MACZ,IAAI,CAACzC,MAAM,CAACkB,GAAG,CAAC,UAAUW,MAAM,EAAE,CAAC,CAChC4B,IAAI,CAACO,OAAO,IAAI;QACfxD,GAAG,CAACyD,IAAI,GAAGD,OAAO,CAAC7C,IAAI;QAEvB,IAAIoB,KAAK,EAAE;UACTS,OAAO,CAACC,GAAG,CAAC,8CAA8CpB,MAAM,EAAE,CAAC;QACrE;QAEAc,IAAI,CAAC,CAAC;MACR,CAAC,CAAC,CACDkB,KAAK,CAACK,SAAS,IAAI;QAClB;QACA1D,GAAG,CAACyD,IAAI,GAAG;UAAEnC,EAAE,EAAED;QAAO,CAAS;QAEjC,IAAIU,KAAK,EAAE;UACTS,OAAO,CAACC,GAAG,CAAC,uDAAuD,CAAC;UACpED,OAAO,CAACC,GAAG,CAAC,8CAA8CpB,MAAM,EAAE,CAAC;QACrE;QAEAc,IAAI,CAAC,CAAC;MACR,CAAC,CAAC;IACN,CAAC,MAAM;MACL;MACAnC,GAAG,CAACyD,IAAI,GAAG;QAAEnC,EAAE,EAAED;MAAO,CAAS;MAEjC,IAAIU,KAAK,EAAE;QACTS,OAAO,CAACC,GAAG,CAAC,8CAA8CpB,MAAM,EAAE,CAAC;MACrE;MAEAc,IAAI,CAAC,CAAC;IACR;EACF;AACF","ignoreList":[]}

package/lib/typescript/core/OxyServices.d.ts CHANGED Viewed

@@ -60,5 +60,44 @@ export declare class OxyServices {
         timestamp?: string;
         [key: string]: any;
     }>;
+    /**
+     * Simple Express.js authentication middleware
+     *
+     * Built-in authentication middleware that validates JWT tokens and adds user data to requests.
+     *
+     * @example
+     * ```typescript
+     * // Basic usage - just add it to your routes
+     * app.use('/api/protected', oxyServices.auth());
+     *
+     * // With debug logging
+     * app.use('/api/protected', oxyServices.auth({ debug: true }));
+     *
+     * // With custom error handling
+     * app.use('/api/protected', oxyServices.auth({
+     *   onError: (error) => console.error('Auth failed:', error)
+     * }));
+     *
+     * // Load full user data
+     * app.use('/api/protected', oxyServices.auth({ loadUser: true }));
+     * ```
+     *
+     * @param options Optional configuration
+     * @param options.debug Enable debug logging (default: false)
+     * @param options.onError Custom error handler
+     * @param options.loadUser Load full user data (default: false for performance)
+     * @param options.session Use session-based validation (default: false)
+     * @returns Express middleware function
+     */
+    auth(options?: {
+        debug?: boolean;
+        onError?: (error: ApiError) => any;
+        loadUser?: boolean;
+        session?: boolean;
+    }): (req: any, res: any, next: any) => any;
+    /**
+     * Helper method to load user data and continue middleware chain
+     */
+    private loadUserDataAndContinue;
 }
 //# sourceMappingURL=OxyServices.d.ts.map

package/lib/typescript/core/OxyServices.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"OxyServices.d.ts","sourceRoot":"","sources":["../../../src/core/OxyServices.ts"],"names":[],"mappings":"AAAA,OAAc,EAAE,aAAa,EAA8B,MAAM,OAAO,CAAC;AAEzE,OAAO,EAAE,SAAS,EAAE,QAAQ,~~EAAE~~,MAAM,sBAAsB,CAAC;~~AAS3D~~;;;;;GAKG;AACH,qBAAa,WAAW;IACtB,SAAS,CAAC,MAAM,EAAE,aAAa,CAAC;IAChC,OAAO,CAAC,WAAW,CAAuB;IAC1C,OAAO,CAAC,YAAY,CAAuB;IAE3C;;;OAGG;gBACS,MAAM,EAAE,SAAS;IAS7B;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAqCzB;;OAEG;IACI,UAAU,IAAI,MAAM;IAI3B;;OAEG;IACI,SAAS,CAAC,WAAW,EAAE,MAAM,EAAE,YAAY,GAAE,MAAW,GAAG,IAAI;IAKtE;;OAEG;IACI,WAAW,IAAI,IAAI;IAK1B;;OAEG;IACI,gBAAgB,IAAI,MAAM,GAAG,IAAI;IAaxC;;OAEG;IACH,OAAO,CAAC,cAAc;IAItB;;OAEG;IACG,QAAQ,IAAI,OAAO,CAAC,OAAO,CAAC;IAalC;;OAEG;IACH,SAAS,CAAC,SAAS,IAAI,aAAa;IAIpC;;OAEG;IACH,SAAS,CAAC,WAAW,CAAC,KAAK,EAAE,GAAG,GAAG,QAAQ;IAI3C;;OAEG;IACG,WAAW,IAAI,OAAO,CAAC;QAC3B,MAAM,EAAE,MAAM,CAAC;QACf,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAA;KACnB,CAAC;~~CAQH~~"}
1	+ {"version":3,"file":"OxyServices.d.ts","sourceRoot":"","sources":["../../../src/core/OxyServices.ts"],"names":[],"mappings":"AAAA,OAAc,EAAE,aAAa,EAA8B,MAAM,OAAO,CAAC;AAEzE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAQ,MAAM,sBAAsB,CAAC;AASjE;;;;;GAKG;AACH,qBAAa,WAAW;IACtB,SAAS,CAAC,MAAM,EAAE,aAAa,CAAC;IAChC,OAAO,CAAC,WAAW,CAAuB;IAC1C,OAAO,CAAC,YAAY,CAAuB;IAE3C;;;OAGG;gBACS,MAAM,EAAE,SAAS;IAS7B;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAqCzB;;OAEG;IACI,UAAU,IAAI,MAAM;IAI3B;;OAEG;IACI,SAAS,CAAC,WAAW,EAAE,MAAM,EAAE,YAAY,GAAE,MAAW,GAAG,IAAI;IAKtE;;OAEG;IACI,WAAW,IAAI,IAAI;IAK1B;;OAEG;IACI,gBAAgB,IAAI,MAAM,GAAG,IAAI;IAaxC;;OAEG;IACH,OAAO,CAAC,cAAc;IAItB;;OAEG;IACG,QAAQ,IAAI,OAAO,CAAC,OAAO,CAAC;IAalC;;OAEG;IACH,SAAS,CAAC,SAAS,IAAI,aAAa;IAIpC;;OAEG;IACH,SAAS,CAAC,WAAW,CAAC,KAAK,EAAE,GAAG,GAAG,QAAQ;IAI3C;;OAEG;IACG,WAAW,IAAI,OAAO,CAAC;QAC3B,MAAM,EAAE,MAAM,CAAC;QACf,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAA;KACnB,CAAC;IASF;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA4BG;IACH,IAAI,CAAC,OAAO,GAAE;QACZ,KAAK,CAAC,EAAE,OAAO,CAAC;QAChB,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,QAAQ,KAAK,GAAG,CAAC;QACnC,QAAQ,CAAC,EAAE,OAAO,CAAC;QACnB,OAAO,CAAC,EAAE,OAAO,CAAC;KACd,IAGI,KAAK,GAAG,EAAE,KAAK,GAAG,EAAE,MAAM,GAAG;IAiIvC;;OAEG;IACH,OAAO,CAAC,uBAAuB;CA+ChC"}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
     "name": "@oxyhq/services",
-    "version": "5.9.3",
+    "version": "5.9.5",
     "description": "Reusable OxyHQ module to handle authentication, user management, karma system, device-based session management and more 🚀",
     "main": "lib/commonjs/index.js",
     "module": "lib/module/index.js",

package/src/core/OxyServices.ts CHANGED Viewed

@@ -1,6 +1,6 @@
 import axios, { AxiosInstance, InternalAxiosRequestConfig } from 'axios';
 import { jwtDecode } from 'jwt-decode';
-import { OxyConfig, ApiError } from '../models/interfaces';
+import { OxyConfig, ApiError, User } from '../models/interfaces';
 import { handleHttpError } from '../utils/errorUtils';
 interface JwtPayload {
@@ -165,4 +165,221 @@ export class OxyServices {
       throw this.handleError(error);
     }
   }
+  /**
+   * Simple Express.js authentication middleware
+   *
+   * Built-in authentication middleware that validates JWT tokens and adds user data to requests.
+   *
+   * @example
+   * ```typescript
+   * // Basic usage - just add it to your routes
+   * app.use('/api/protected', oxyServices.auth());
+   *
+   * // With debug logging
+   * app.use('/api/protected', oxyServices.auth({ debug: true }));
+   *
+   * // With custom error handling
+   * app.use('/api/protected', oxyServices.auth({
+   *   onError: (error) => console.error('Auth failed:', error)
+   * }));
+   *
+   * // Load full user data
+   * app.use('/api/protected', oxyServices.auth({ loadUser: true }));
+   * ```
+   *
+   * @param options Optional configuration
+   * @param options.debug Enable debug logging (default: false)
+   * @param options.onError Custom error handler
+   * @param options.loadUser Load full user data (default: false for performance)
+   * @param options.session Use session-based validation (default: false)
+   * @returns Express middleware function
+   */
+  auth(options: {
+    debug?: boolean;
+    onError?: (error: ApiError) => any;
+    loadUser?: boolean;
+    session?: boolean;
+  } = {}) {
+    const { debug = false, onError, loadUser = false, session = false } = options;
+    return (req: any, res: any, next: any) => {
+      try {
+        // Extract token from Authorization header
+        const authHeader = req.headers['authorization'];
+        const token = authHeader?.startsWith('Bearer ') ? authHeader.substring(7) : null;
+        if (debug) {
+          console.log(`🔐 Auth: Processing ${req.method} ${req.path}`);
+          console.log(`🔐 Auth: Token present: ${!!token}`);
+        }
+        if (!token) {
+          const error = {
+            message: 'Access token required',
+            code: 'MISSING_TOKEN',
+            status: 401
+          };
+          if (debug) console.log(`❌ Auth: Missing token`);
+          if (onError) return onError(error);
+          return res.status(401).json(error);
+        }
+        // Decode and validate token
+        let decoded: JwtPayload;
+        try {
+          decoded = jwtDecode<JwtPayload>(token);
+          if (debug) {
+            console.log(`🔐 Auth: Token decoded, User ID: ${decoded.userId || decoded.id}`);
+          }
+        } catch (decodeError) {
+          const error = {
+            message: 'Invalid token format',
+            code: 'INVALID_TOKEN_FORMAT',
+            status: 403
+          };
+          if (debug) console.log(`❌ Auth: Token decode failed`);
+          if (onError) return onError(error);
+          return res.status(403).json(error);
+        }
+        const userId = decoded.userId || decoded.id;
+        if (!userId) {
+          const error = {
+            message: 'Token missing user ID',
+            code: 'INVALID_TOKEN_PAYLOAD',
+            status: 403
+          };
+          if (debug) console.log(`❌ Auth: Token missing user ID`);
+          if (onError) return onError(error);
+          return res.status(403).json(error);
+        }
+        // Check token expiration
+        if (decoded.exp && decoded.exp < Math.floor(Date.now() / 1000)) {
+          const error = {
+            message: 'Token expired',
+            code: 'TOKEN_EXPIRED',
+            status: 403
+          };
+          if (debug) console.log(`❌ Auth: Token expired`);
+          if (onError) return onError(error);
+          return res.status(403).json(error);
+        }
+        // Session-based validation if requested
+        if (session && decoded.sessionId) {
+          if (debug) console.log(`🔐 Auth: Validating session ${decoded.sessionId}`);
+          this.client.get(`/session/validate/${decoded.sessionId}`)
+            .then(sessionRes => {
+              const sessionData = sessionRes.data;
+              if (!sessionData.valid) {
+                const error = {
+                  message: 'Invalid session',
+                  code: 'INVALID_SESSION',
+                  status: 403
+                };
+                if (debug) console.log(`❌ Auth: Session validation failed`);
+                if (onError) return onError(error);
+                return res.status(403).json(error);
+              }
+              if (debug) console.log(`✅ Auth: Session validation successful`);
+              // Continue with user data loading
+              this.loadUserDataAndContinue(req, res, next, userId, loadUser, debug, onError);
+            })
+            .catch(sessionError => {
+              const error = {
+                message: 'Session validation failed',
+                code: 'SESSION_VALIDATION_ERROR',
+                status: 403
+              };
+              if (debug) console.log(`❌ Auth: Session validation error`);
+              if (onError) return onError(error);
+              return res.status(403).json(error);
+            });
+          return; // Exit early, will continue in promise chain
+        }
+        // No session validation needed, continue directly
+        this.loadUserDataAndContinue(req, res, next, userId, loadUser, debug, onError);
+      } catch (error) {
+        const apiError = this.handleError(error);
+        if (debug) {
+          console.log(`❌ Auth: Unexpected error:`, apiError);
+        }
+        if (onError) return onError(apiError);
+        return res.status(apiError.status || 500).json(apiError);
+      }
+    };
+  }
+  /**
+   * Helper method to load user data and continue middleware chain
+   */
+  private loadUserDataAndContinue(
+    req: any,
+    res: any,
+    next: any,
+    userId: string,
+    loadUser: boolean,
+    debug: boolean,
+    onError?: (error: ApiError) => any
+  ): void {
+    // Set request properties
+    req.userId = userId;
+    req.accessToken = req.headers['authorization']?.substring(7) || null;
+    // Load user data if requested
+    if (loadUser) {
+      this.client.get(`/users/${userId}`)
+        .then(userRes => {
+          req.user = userRes.data;
+          if (debug) {
+            console.log(`✅ Auth: Authentication successful for user ${userId}`);
+          }
+          next();
+        })
+        .catch(userError => {
+          // If user loading fails, just use minimal user data
+          req.user = { id: userId } as User;
+          if (debug) {
+            console.log(`⚠️ Auth: Failed to load user data, using minimal data`);
+            console.log(`✅ Auth: Authentication successful for user ${userId}`);
+          }
+          next();
+        });
+    } else {
+      // Use minimal user data for performance
+      req.user = { id: userId } as User;
+      if (debug) {
+        console.log(`✅ Auth: Authentication successful for user ${userId}`);
+      }
+      next();
+    }
+  }
 }